diff options
| author | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-03-18 23:56:36 +0000 |
|---|---|---|
| committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-03-18 23:56:36 +0000 |
| commit | 82ace9f077decc5e3634272cf5ba88e41b15be33 (patch) | |
| tree | 1c7c6f850b9d0eba836444e7746e9c5b27f980ca /phpBB | |
| parent | 61daafca3abec5e25cdf44a57ad76f82d3e9f18d (diff) | |
| download | forums-82ace9f077decc5e3634272cf5ba88e41b15be33.tar forums-82ace9f077decc5e3634272cf5ba88e41b15be33.tar.gz forums-82ace9f077decc5e3634272cf5ba88e41b15be33.tar.bz2 forums-82ace9f077decc5e3634272cf5ba88e41b15be33.tar.xz forums-82ace9f077decc5e3634272cf5ba88e41b15be33.zip | |
Non-authed user could potentially utilise topic_review to read denied forums .... thanks Ashe
git-svn-id: file:///svn/phpbb/trunk@2330 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/includes/topic_review.php | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/phpBB/includes/topic_review.php b/phpBB/includes/topic_review.php index 04667cef78..54afbbc074 100644 --- a/phpBB/includes/topic_review.php +++ b/phpBB/includes/topic_review.php @@ -66,6 +66,11 @@ function topic_review($topic_id, $is_inline_review) $is_auth = array(); $is_auth = auth(AUTH_ALL, $forum_id, $userdata, $forum_row); + + if ( !$is_auth['auth_read'] ) + { + message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_auth_read'], $is_auth['auth_read_type'])); + } } // |